Help
FortiSandbox
FortiSandbox provides a solution to protect against advanced threats and ransomware for companies who don’t want to implement and maintain a sandbox environment on their own.
yashwani
Staff
Staff

Created on ‎06-19-2025 11:59 PM Edited on ‎08-26-2025 02:59 AM By Moderator

Article Id 397323

Technical Tip: How to configure FortiManager as local FortiGuard Distribution Server For FortiSandbox

Description This article describes how to configure FortiManager to act as a FortiGuard Distribution Server for FortiSandbox. This is useful in air-gapped or controlled environments where FortiSandbox cannot reach FortiGuard services directly over the internet. FortiManager will act as a local relay to provide updates such as antivirus, IPS, and FortiSandbox packages.
Scope

FortiManager v7.4 or later, FortiSandbox v4.4 or later. Options are available under lower versions as well, but might be at different GUI options. 
Solution

Prerequisites:

  • FortiManager must have internet access to retrieve FortiGuard updates.

  • FortiSandbox must be able to reach FortiManager over the network.

  • Ensure both FortiManager and FortiSandbox are licensed and registered with Fortinet.

  • DNS must be resolvable or use a static IP-based override.

 

Configuration on FortiManager:

Under FortiGuard -> Settings, enable Communication with FortiGuard Server, enable Antivirus and IPS Service, select the version of FortiSandbox or the Firmware versions series for which FortiSandbox should get the updates from FortiManager. 

 

FSA1.png

 

Under System Settings -> Network, edit the network Interface, enable Web Service and FortiManager Fabric under Administrative access, enable FortiGate Updates & Web Filtering under service access, and select 'OK'.

 

FMG2.png

 

Configuration on FortiSandbox:

Go to System Settings  -> FortiGuard

 

FortiGuard Server Settings. 

  • Specify the FortiManager IP address under Use Override FDN Server to download module updates
  • Use the override server (FortiManager IP address) for FortiWeb Web filter settings, select Connect FDN Now, and Apply

 

FSA2.png

 

On FortiSandbox, FortiManager can be used for FortiGuard server and web filtering updates only.
FortiManager cannot be used for FortiSandbox WindowsCloudVM Settings and FortiSandbox Real-time Zero-Day Anti-Phishing Service Settings.
168
0 Kudos
Suggest New Article
Article Feedback
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.